Administering Local Accounts

You can perform the following local account administration tasks using a policy or Casper Remote:

  • Create a new account.

  • Delete an existing account.

  • Reset the password for an existing account.

  • (Policy only) Disable an existing account for FileVault 2 on computers with macOS 10.9 or later.

When you create a new account, you can do the following:

  • Specify the password and password hint.

  • Specify a location for the home directory.

  • Configure the account picture.

  • Give the user administrator privileges to the computer.

  • (Policy only) Enable the account for FileVault 2 on computers with macOS 10.9 or later.

When you delete an existing account, you can permanently delete the home directory or specify an archive location.

Requirements

To enable a new account for FileVault 2, the computer must have macOS 10.9 or later and have an existing, valid individual recovery key that matches the recovery key stored in the JSS.

To disable an existing account for FileVault 2, the computer must have macOS 10.9 or later.

Administering Local Accounts Using a Policy

  1. Log in to the JSS with a web browser.

  2. Click Computers at the top of the page.

  3. Click Policies.

  4. Click New images/download/thumbnails/15181909/New_icon.png .

  5. Use the General payload to configure basic settings for the policy, including the trigger and execution frequency.
    For an overview of the settings in the General payload, see General Payload.

  6. Select the Local Accounts payload and click Configure.

  7. Choose an action from the Action pop-up menu.

  8. Configure the action using the options on the pane.

  9. Use the Restart Options payload to configure settings for restarting computers.
    For more information, see Restart Options Payload.

  10. Click the Scope tab and configure the scope of the policy.
    For more information, see Scope.

  11. (Optional) Click the Self Service tab and make the policy available in Self Service.
    For more information, see Self Service Policies.

  12. (Optional) Click the User Interaction tab and configure messaging and deferral options.
    For more information, see User Interaction.

  13. Click Save.

The policy runs on computers in the scope the next time they check in with the JSS and meet the criteria in the General payload.

Administering Local Accounts Using Casper Remote

  1. Open Casper Remote and authenticate to the JSS.

  2. Click Site images/download/thumbnails/15181909/Site.png and choose a site.
    This determines which items are available in Casper Remote.
    Note: This button is only displayed if you have a site configured in the JSS and are logged in with a JSS user account that has full access or access to multiple sites.

  3. In the list of computers, select the checkbox for each computer on which you want to administer local accounts.

    images/download/attachments/14453895/Computers_tab.png
  4. Click the Accounts tab.

  5. Click Create, Reset Password, or Delete.

    images/download/attachments/14453944/Accounts_tab.png
  6. Configure the action using the options in the window that appears.

  7. Click the Restart tab and configure settings for restarting computers.
    images/download/attachments/14453904/Restart_tab0.png

  8. Do one of the following:

    • To immediately perform the tasks on the specified computers, click Go.

    • To schedule the tasks to take place at a specific day and time, click Schedule and choose a day and time. Then click Schedule again.

Related Information

For related information, see the following sections in this guide:

Copyright | Privacy | Terms of Use | Security
© copyright 2002-2017 Jamf. All rights reserved.